On 14 Apr, Alan Curry wrote:
+-----
| >>> On Fri, Apr 14, 2000 at 02:43:16PM -0700, Linda Walsh wrote:
| >> audited action. System daemons run with LUID 0, which is the only LUID
| >> permitted to change its LUID; if a process has a nonzero LUID, it can
| >> not change its LUID for any reason.
|
| So if named takes a dive, I login remotely and su to root and restart it,
| it's not a "system daemon" anymore? Strikes me as a useless distinction at
| best.
+--->8
It means that named would be audited as you and not as the system. But
if you're doing that, you're not running a CAPP-compliant system anyway.
:)
Systems which support CAPP generally have a daemon which can be asked by
specific users to (re)start specific daemons, to deal with this. But
anyone who's not trying to run a CAPP system would simply ignore the
whole LUID thing and get on with life. It's the people trying to do
CAPP with Linux who need this.
-- brandon s. allbery os/2,linux,solaris,perl allbery@kf8nh.apk.net system administrator kthkrb,heimdal,gnome,rt allbery@ece.cmu.edu carnegie mellon / electrical and computer engineering kf8nh We are Linux. Resistance is an indication that you missed the point.- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Sat Apr 15 2000 - 21:00:26 EST